package shiver.me.timbers.spring.security;

import com.fasterxml.jackson.databind.ObjectMapper;
import io.jsonwebtoken.SignatureAlgorithm;
import java.io.IOException;
import java.security.KeyPair;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.Authentication;
import shiver.me.timbers.spring.security.context.SecurityContextHolder;
import shiver.me.timbers.spring.security.context.StaticSecurityContextHolder;
import shiver.me.timbers.spring.security.cookies.Bakery;
import shiver.me.timbers.spring.security.cookies.CookieBakery;
import shiver.me.timbers.spring.security.io.FileReader;
import shiver.me.timbers.spring.security.io.ResourceFileReader;
import shiver.me.timbers.spring.security.jwt.AuthenticationConverter;
import shiver.me.timbers.spring.security.jwt.AuthenticationRequestJwtTokenParser;
import shiver.me.timbers.spring.security.jwt.JJwtBuilderFactory;
import shiver.me.timbers.spring.security.jwt.JJwtDecryptor;
import shiver.me.timbers.spring.security.jwt.JJwtEncryptor;
import shiver.me.timbers.spring.security.jwt.JJwtParserFactory;
import shiver.me.timbers.spring.security.jwt.JJwtTokenParser;
import shiver.me.timbers.spring.security.jwt.JwtBuilderFactory;
import shiver.me.timbers.spring.security.jwt.JwtDecryptor;
import shiver.me.timbers.spring.security.jwt.JwtEncryptor;
import shiver.me.timbers.spring.security.jwt.JwtParserFactory;
import shiver.me.timbers.spring.security.jwt.JwtPrincipal;
import shiver.me.timbers.spring.security.jwt.JwtPrincipalAuthenticationConverter;
import shiver.me.timbers.spring.security.jwt.JwtRolesGrantedAuthorityConverter;
import shiver.me.timbers.spring.security.jwt.JwtTokenParser;
import shiver.me.timbers.spring.security.jwt.RolesGrantedAuthorityConverter;
import shiver.me.timbers.spring.security.keys.Base64KeyPairs;
import shiver.me.timbers.spring.security.keys.BouncyCastlePemKeyPairs;
import shiver.me.timbers.spring.security.keys.KeyParser;
import shiver.me.timbers.spring.security.keys.PemKeyPairs;
import shiver.me.timbers.spring.security.keys.SecretBase64KeyPairs;
import shiver.me.timbers.spring.security.keys.SignatureAlgorithmKeyParser;
import shiver.me.timbers.spring.security.secret.ChoosingSecretKeeper;
import shiver.me.timbers.spring.security.secret.SecretKeeper;
import shiver.me.timbers.spring.security.time.Clock;
import shiver.me.timbers.spring.security.time.DateClock;

@ConditionalOnMissingBean({JwtConfiguration.class})
@Configuration
/* loaded from: input_file:shiver/me/timbers/spring/security/JwtConfiguration.class */
public class JwtConfiguration {

    @Value("${smt.spring.security.jwt.tokenName:X-AUTH-TOKEN}")
    private String tokenName;

    @Value("${smt.spring.security.jwt.algorithm:HS512}")
    private SignatureAlgorithm algorithm;

    @Value("${smt.spring.security.jwt.token.expiryDuration:-1}")
    private int expiryDuration;

    @Value("${smt.spring.security.jwt.token.expiryUnit:MINUTES}")
    private TimeUnit expiryUnit;

    @Value("${smt.spring.security.jwt.cookie.domain:}")
    private String domain;

    @Value("${smt.spring.security.jwt.cookie.path:/}")
    private String path;

    @Value("${smt.spring.security.jwt.cookie.secure:false}")
    private boolean secure;

    @Value("${smt.spring.security.jwt.cookie.httpOnly:false}")
    private boolean httpOnly;

    @Value("${smt.spring.security.jwt.secret:}")
    private String secret;

    @Value("${smt.spring.security.jwt.secretFile:}")
    private String secretFile;

    @ConditionalOnMissingBean({JwtLogoutHandler.class})
    @Autowired
    @Bean
    public JwtLogoutHandler jwtLogoutHandler(Bakery<Cookie> bakery) {
        return new CookieJwtLogoutHandler(this.tokenName, bakery);
    }

    @ConditionalOnMissingBean({JwtAuthenticationFilter.class})
    @Autowired
    @Bean
    public JwtAuthenticationFilter jwtAuthenticationFilter(JwtTokenParser<Authentication, HttpServletRequest> jwtTokenParser, SecurityContextHolder securityContextHolder, JwtAuthenticationApplier jwtAuthenticationApplier) {
        return new CookieAndHeaderJwtAuthenticationFilter(jwtTokenParser, securityContextHolder, jwtAuthenticationApplier);
    }

    @ConditionalOnMissingBean({JwtAuthenticationSuccessHandler.class})
    @Autowired
    @Bean
    public JwtAuthenticationSuccessHandler jwtAuthenticationSuccessHandler(JwtAuthenticationApplier jwtAuthenticationApplier) {
        return new CookieAndHeaderJwtAuthenticationSuccessHandler(jwtAuthenticationApplier);
    }

    @ConditionalOnMissingBean({JwtAuthenticationApplier.class})
    @Bean
    public JwtAuthenticationApplier authenticationApplier(JwtTokenParser<Authentication, HttpServletRequest> jwtTokenParser, Bakery<Cookie> bakery) {
        return new CookieJwtAuthenticationApplier(this.tokenName, jwtTokenParser, bakery);
    }

    @ConditionalOnMissingBean({AuthenticationRequestJwtTokenParser.class})
    @Autowired
    @Bean
    public <T> JwtTokenParser<Authentication, HttpServletRequest> authenticationRequestJwtTokenParser(AuthenticationConverter<T> authenticationConverter, JwtTokenParser<T, String> jwtTokenParser) {
        return new AuthenticationRequestJwtTokenParser(this.tokenName, authenticationConverter, jwtTokenParser);
    }

    @ConditionalOnMissingBean({Bakery.class})
    @Bean
    public Bakery<Cookie> bakery() {
        return new CookieBakery(this.expiryDuration, this.expiryUnit, this.domain, this.path, this.secure, this.httpOnly);
    }

    @ConditionalOnMissingBean({SecurityContextHolder.class})
    @Bean
    public SecurityContextHolder securityContextHolder() {
        return new StaticSecurityContextHolder();
    }

    @ConditionalOnMissingBean({AuthenticationConverter.class})
    @Autowired
    @Bean
    public AuthenticationConverter<JwtPrincipal> authenticationConverter(RolesGrantedAuthorityConverter rolesGrantedAuthorityConverter) {
        return new JwtPrincipalAuthenticationConverter(rolesGrantedAuthorityConverter);
    }

    @ConditionalOnMissingBean({JJwtTokenParser.class})
    @Autowired
    @Bean
    public JwtTokenParser<JwtPrincipal, String> jwtTokenParser(JwtEncryptor jwtEncryptor, JwtDecryptor jwtDecryptor) {
        return new JJwtTokenParser(JwtPrincipal.class, jwtEncryptor, jwtDecryptor);
    }

    @ConditionalOnMissingBean({RolesGrantedAuthorityConverter.class})
    @Bean
    public RolesGrantedAuthorityConverter rolesGrantedAuthorityConverter() {
        return new JwtRolesGrantedAuthorityConverter();
    }

    @ConditionalOnMissingBean({JwtEncryptor.class})
    @Bean
    public JwtEncryptor encryptor(JwtBuilderFactory jwtBuilderFactory, KeyPair keyPair, Clock clock) {
        return new JJwtEncryptor(jwtBuilderFactory, this.algorithm, keyPair, this.expiryDuration, this.expiryUnit, clock);
    }

    @ConditionalOnMissingBean({JwtDecryptor.class})
    @Bean
    public JwtDecryptor decryptor(JwtParserFactory jwtParserFactory, KeyPair keyPair) {
        return new JJwtDecryptor(jwtParserFactory, keyPair, new ObjectMapper());
    }

    @ConditionalOnMissingBean({JwtBuilderFactory.class})
    @Bean
    public JwtBuilderFactory jwtBuilderFactory() {
        return new JJwtBuilderFactory();
    }

    @ConditionalOnMissingBean({JwtParserFactory.class})
    @Bean
    public JwtParserFactory jwtParserFactory() {
        return new JJwtParserFactory();
    }

    @ConditionalOnMissingBean({KeyPair.class})
    @Autowired
    @Bean
    public KeyPair keyPair(SecretKeeper secretKeeper, KeyParser keyParser) throws IOException {
        return keyParser.parse(secretKeeper.getSecret());
    }

    @ConditionalOnMissingBean({Clock.class})
    @Bean
    public Clock clock() {
        return new DateClock();
    }

    @ConditionalOnMissingBean({SecretKeeper.class})
    @Bean
    public SecretKeeper secretKeeper(FileReader fileReader) {
        return new ChoosingSecretKeeper(this.secret, this.secretFile, fileReader);
    }

    @ConditionalOnMissingBean({KeyParser.class})
    @Autowired
    @Bean
    public KeyParser keyParser(Base64KeyPairs base64KeyPairs, PemKeyPairs pemKeyPairs) {
        return new SignatureAlgorithmKeyParser(this.algorithm, base64KeyPairs, pemKeyPairs);
    }

    @ConditionalOnMissingBean({FileReader.class})
    @Bean
    public FileReader fileReader() {
        return new ResourceFileReader();
    }

    @ConditionalOnMissingBean({Base64KeyPairs.class})
    @Autowired
    @Bean
    public Base64KeyPairs base64KeyPairs(Base64 base64) {
        return new SecretBase64KeyPairs(base64, this.algorithm);
    }

    @ConditionalOnMissingBean({PemKeyPairs.class})
    @Bean
    public PemKeyPairs pemKeyPairs() {
        return new BouncyCastlePemKeyPairs();
    }

    @ConditionalOnMissingBean({Base64.class})
    @Bean
    public Base64 base64() {
        return new DatatypeConverterBase64();
    }
}
